coverity_scan: fixed defects, using proper random number generator

Author: ph4r05

.travis.yml

@@ -35,6 +35,7 @@ addons:
     - libboost-program-options1.55-dev
     - libboost-serialization1.55-dev
     - libboost-iostreams1.55-dev
+    - libboost-random1.55-dev
   coverity_scan:
       project:
         name: "ph4r05/Whitebox-crypto-AES"

CMakeLists.txt

@@ -5,6 +5,7 @@ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++0x")
 
 set(SOURCE_FILES
     base.h
+    base.cpp
     BGEAttack.cpp
     BGEAttack.h
     BGEAttack_test.cpp
@@ -43,7 +44,7 @@ include_directories(${NTL_INCLUDE_PATH})
 set(Boost_USE_STATIC_LIBS OFF)
 set(Boost_USE_MULTITHREADED ON)
 set(Boost_USE_STATIC_RUNTIME OFF)
-find_package(Boost REQUIRED COMPONENTS program_options serialization iostreams)
+find_package(Boost REQUIRED COMPONENTS program_options serialization iostreams random)
 include_directories(${Boost_INCLUDE_DIRS})
 
 # Linking

GenericAES.cpp

@@ -561,7 +561,7 @@ int GenericAES::testMixColumn(){
 }
 
 void GenericAES::generateA1A2Relations(vec_GF2E& A1, vec_GF2E& A2){
-	generateA1A2Relations(A1, A2, (rand() % 255) + 1, rand() % 8);
+	generateA1A2Relations(A1, A2, (phrand() % 255) + 1, phrand() % 8);
 }
 
 void GenericAES::generateA1A2Relations(vec_GF2E& A1, vec_GF2E& A2, int a, int q){

LinearAffineEq.cpp

@@ -613,7 +613,7 @@ int LinearAffineEq::findLinearEquivalences(bsetElem * S1,   bsetElem * S1inv,
 				// Chose new X and pick value for it
 				// Keep in mind linearity of mapping, so avoid duplicities.
 				if (randomizeXGuess){
-					int rnd = rand() % Ua.size();
+					int rnd = phrand() % Ua.size();
 					it1 = Ua.begin(); for(i=0; i<rnd; ++i, ++it1);
 					x = *it1; Ua.erase(it1);
 					Na.insert(x);

MixingBijections.cpp

@@ -30,7 +30,7 @@ long generateInvertiblePM(mat_GF2& M, int p){
 		// Fill matrix with random values and then compute determinant.
 		for(i=0; i<p; i++){
 			for(j=0; j<p; j++){
-				M.put(i,j,rand()%2);
+				M.put(i,j,phrand()%2);
 			}
 		}
 
@@ -371,7 +371,7 @@ int generateMixingBijection(mat_GF2& RES, int t, int p){
 
 		// 1. X matrix - p x t matrix, generated from M matrix using some row
 		X.SetDims(p, curT);
-		tmp = rand() % pBlocksInM;		// current row
+		tmp = phrand() % pBlocksInM;		// current row
 		for(i=p*tmp,k=0; k<p; i++, k++){
 			for(j=0; j<curT; j++){
 				X.put(k,j, M.get(i,j));
@@ -380,7 +380,7 @@ int generateMixingBijection(mat_GF2& RES, int t, int p){
 
 		// 2. Y matrix - t x p matrix, generated from M matrix using some column
 		Y.SetDims(curT, p);
-		tmp = rand() % pBlocksInM;
+		tmp = phrand() % pBlocksInM;
 		for(i=0; i<curT; i++){
 			for(j=p*tmp,k=0; k<p; j++, k++){
 				Y.put(i,k, M.get(i,j));
@@ -460,7 +460,7 @@ int generateRandomBijection(vec_GF2X& bijection, vec_GF2X& inverse, int size, in
 	// yes, we start from second element on purpose, to produce uniform distribution
 	for(i=1; i<size; i++){
 		// rnd is index from interval [0, i]
-		int rnd = rand() % (i+1);
+		int rnd = phrand() % (i+1);
 		swap(inverse[getLong(bijection[i])], inverse[getLong(bijection[rnd])]);
 		swap(bijection[i], bijection[rnd]);
 	}

MixingBijections.h

@@ -85,7 +85,7 @@ template<typename T> int randomPermutationT(T * bijection, int size, int init){
 	// yes, we start from second element on purpose, to produce uniform distribution
 	for(i=1; i<size; i++){
 		// rnd is index from interval [0, i]
-		int rnd = rand() % (i+1);
+		int rnd = phrand() % (i+1);
 
 		// swap values
 		T tmp = bijection[rnd];
@@ -108,7 +108,7 @@ template<typename T> int generateRandomBijectionT(T * bijection, T * inverse, in
 	// yes, we start from second element on purpose, to produce uniform distribution
 	for(i=1; i<size; i++){
 		// rnd is index from interval [0, i]
-		int rnd = rand() % (i+1);
+		int rnd = phrand() % (i+1);
 
 		// swap indexes
 		T idx = inverse[bijection[rnd]];

README.md

@@ -41,6 +41,7 @@ Dependencies
 * boost_iostreams 1.55+
 * boost_serialization 1.55+
 * boost_program_options 1.55+
+* boost_random 1.55+
 
 Description:
 * [NTL] math library is used for computation in finite fields & algebra. NTL is licensed under GPL thus this implementation also has to be GPL.

WBAESGenerator.cpp

@@ -416,10 +416,10 @@ void WBAESGenerator::generateTables(BYTE *key, enum keySize ksize, WBAES * genAE
 	defaultAES.expandKey(expandedKey, defaultKey, ksize);	// key schedule for default AES
 	backupKey = expandedKey;								// backup default AES expanded key for test routine
 	for(i=0; i<N_ROUNDS * N_SECTIONS; i++){
-		int rndPolynomial = useDualAESIdentity ? 0 : rand() % AES_IRRED_POLYNOMIALS;
-		int rndGenerator  = useDualAESIdentity ? 0 : rand() % AES_GENERATORS;
-		genA[i]			  = useDualAESARelationsIdentity ? 1 : (rand() % 255) + 1;
-		genI[i]			  = useDualAESARelationsIdentity ? 0 : rand() % 8;
+		int rndPolynomial = useDualAESIdentity ? 0 : phrand() % AES_IRRED_POLYNOMIALS;
+		int rndGenerator  = useDualAESIdentity ? 0 : phrand() % AES_GENERATORS;
+		genA[i]			  = useDualAESARelationsIdentity ? 1 : (phrand() % 255) + 1;
+		genI[i]			  = useDualAESARelationsIdentity ? 0 : phrand() % 8;
 		if (useDualAESSimpeAlternate && !useDualAESIdentity){
 			rndPolynomial = (i)%2 == 0 ? 0: AES_IRRED_POLYNOMIALS-1;
 			rndGenerator  = (i)%2 == 0 ? 0: AES_GENERATORS-1;

base.cpp

@@ -0,0 +1,13 @@
+//
+// Created by Dusan Klinec on 04.12.15.
+//
+
+#include "base.h"
+#include <boost/random/random_device.hpp>
+#include <boost/random/uniform_int_distribution.hpp>
+
+int phrand(){
+    static boost::random_device rd;
+    static boost::random::uniform_int_distribution<int> dis;
+    return dis(rd);
+}

base.h

@@ -12,5 +12,6 @@
 #define WBAES_BOOST_SERIALIZATION 1
 #define FORCE_DETERMINISM 1
 
+int phrand();
 
 #endif /* BASE_H_ */

main.cpp

@@ -74,8 +74,6 @@ int tryMain(int argc, const char * argv[]) {
 	unsigned char keyFromString[AES_BYTES];
 	unsigned char * keyToUse = GenericAES::testVect128_key;
 
-	// very poor PRNG seeding, but just for now
-	srand((unsigned)time(0));
 	GF2X defaultModulus = GF2XFromLong(0x11B, 9);
 	GF2E::init(defaultModulus);
 
@@ -140,7 +138,7 @@ int tryMain(int argc, const char * argv[]) {
 	randomKey = vm["create-random"].as<bool>();
 	if (randomKey){
 		for(int i=0; i<AES_BYTES; i++){
-			keyFromString[i] = rand() % 0x100;
+			keyFromString[i] = phrand() % 0x100;
 		}
 
 		keyToUse = keyFromString;
@@ -440,8 +438,6 @@ int tryMain(int argc, const char * argv[]) {
 }
 
 int A1A2relationsGenerator(void){
-	// very poor PRNG seeding, but just for now
-	srand((unsigned)time(0));
 	GF2X defaultModulus = GF2XFromLong(0x11B, 9);
 	GF2E::init(defaultModulus);
 
@@ -515,8 +511,6 @@ int A1A2relationsGenerator(void){
 }
 
 int dualAESTest(void){
-	// very poor PRNG seeding, but just for now
-	srand((unsigned)time(0));
 	GF2X defaultModulus = GF2XFromLong(0x11B, 9);
 	GF2E::init(defaultModulus);
 
@@ -586,7 +580,7 @@ int dualAESTest(void){
 
 	vec_GF2E A1;
 	vec_GF2E A2;
-	dualAES.generateA1A2Relations(A1, A2, 1+(rand() % 0xfe), rand() % 7);
+	dualAES.generateA1A2Relations(A1, A2, 1+(phrand() % 0xfe), phrand() % 7);
 	cout << "Testing relations A1 A2: Problems = " << dualAES.testA1A2Relations(A1, A2) << endl;
 
 	cout << "A1: " << endl;

testing.cpp

@@ -28,7 +28,6 @@ int main(void) {
 	// very poor PRNG seeding, but just for now
 	time_t start, end;
 
-	srand((unsigned)time(0));
 	GF2X defaultModulus = GF2XFromLong(0x11B, 9);
 	GF2E::init(defaultModulus);
 
@@ -111,8 +110,6 @@ int main(void) {
 }
 
 int A1A2relationsGenerator(void){
-	// very poor PRNG seeding, but just for now
-	srand((unsigned)time(0));
 	GF2X defaultModulus = GF2XFromLong(0x11B, 9);
 	GF2E::init(defaultModulus);
 
@@ -298,8 +295,6 @@ int A1A2relationsGenerator(void){
 }
 
 int dualAESTest(void){
-	// very poor PRNG seeding, but just for now
-	srand((unsigned)time(0));
 	GF2X defaultModulus = GF2XFromLong(0x11B, 9);
 	GF2E::init(defaultModulus);
 
@@ -375,7 +370,7 @@ int dualAESTest(void){
 
 	vec_GF2E A1;
 	vec_GF2E A2;
-	dualAES.generateA1A2Relations(A1, A2, 1+(rand() % 0xfe), rand() % 7);
+	dualAES.generateA1A2Relations(A1, A2, 1+(phrand() % 0xfe), phrand() % 7);
 	cout << "Testing relations A1 A2: Problems = " << dualAES.testA1A2Relations(A1, A2) << endl;
 
 	cout << "A1: " << endl;